Re: Update Manager sudo trojan

I arrived on this site doing a search also concerned about an update that referred to SUDO. Just got my normal periodic update Ubuntu thingy and updated it without thinking twice, noticed the update referred to SUDO then thought "wonder if I've just compromised my system, better check it out."

Interestingly, as for 3spartan, there are two sudo:
1.7.2p1-1ubuntu5.3
and
1.7.2p1-1ubuntu5.4

Two updates because 4 followed hot on the heels of 3 and updates must be contiguous?

This would explain version 3 having no check box, as it's essential before version 4.

dpkg.log timestamp is correct.

Of course, if well crafted, a trojan would cover its tracks and delete entries for logs and change timestamps, etc. And I still haven't got to the bottom of specranch. But I'm feeling a bit better. Thanks to all for replies.

Still doesn't explain why I had TWO entries in the update list for sudo, and the second strange one was un-tickable. Just one, with a tick-box, and I wouldn't be worried.

Maybe the second one was for sudo-ldap ...?

Has anyone else ever noticed an entry in Update Manager with no tick-box, ie no option to un-select it?

A untickable in the update manager can mean two things basically, one it is a partial upgrade, which basically should not be run, as it may mean that the repo does not have all the dependencies, they don't all come from the same teams. Or that you just need to run the manager again as a update, to clear out any now available. With a partitial, generally it will get the dependecies so a wait is advised.

The standard ubuntu repositories are very safe, I understand your concern here, but it is from a windows stand point. There are no known trojans on the web for a linux setup. You are fine in what you saw in the update manager, but it never hurts to want to understand.

It really also is partially a definition of what a trojan is and rootkits as well and malware, so check out this area of the forums for more information. These definitions are a bit different in how these play out in a windows system compared to linux, or bsd, or apple setup, apple is basically bsd as well.

Re: Update Manager sudo trojan

Thank you, wilee-nilee

A untickable in the update manager can mean two things basically, one it is a partial upgrade, which basically should not be run, as it may mean that the repo does not have all the dependencies, they don't all come from the same teams. Or that you just need to run the manager again as a update, to clear out any now available. With a partitial, generally it will get the dependecies so a wait is advised.

But what about the duplication? Why did I have two sudo with slightly different descriptions?

The standard ubuntu repositories are very safe, I understand your concern here, but it is from a windows stand point. There are no known trojans on the web for a linux setup.

So what would happen if the Ubuntu repositories were cracked and a trojan added for download?

It really also is partially a definition of what a trojan is and rootkits as well and malware, so check out this area of the forums for more information. These definitions are a bit different in how these play out in a windows system compared to linux, or bsd, or apple setup, apple is basically bsd as well.

As I understand it, a trojan is malicious code that the user puts on his/her computer knowing that it's software, thinking that it's wanted/needed, but not knowing that it's harmful.

Some of your best protection is strong passwords, and being extremely careful with any third party repos or downloads. Really the same as a widows set up as far as an informed user.

Third party repos are a concern. But I'm hoping Oracle and Scribus are at least the same order of magnitude as safe as Ubuntu...